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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days v^'II be considered timely. 
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- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 
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2a)S This action is FINAL. 2b)n This action is non-final. 

3) n Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 
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?)□ Claim(s) is/are objected to. 
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Application Papers 
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10)n The drawing(s) filed on is/are: a)n accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction Is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
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Priority under 35 U.S.C. § 119 

12)n Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)n All b)n Some * c)^ None of: 

1 .□ Certified copies of the priority documents have been received. 
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* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1) M Notice of References Cited (PTO-892) 

2) n Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) □ Information Disclosure Statement(s) (PTO-1 449 or PTO/SB/08) 

Paper No(s)/Mail Date . 



4) [H Interview Summary (PTO-41 3) 

Paper No(s)/Mail Date. . 

5) [H Notice of Informal Patent Application (PTO-1 52) 

6) □ Other: . 



U.S. Patent and Trademark Office 
PTOL-326 (Rev. 1-04) 



Office Action Summary 



Part of Paper No./Mail Date 20050603 



Application/Control Number: 09/838,745 Page 2 

Art Unit: 2135 

DETAILED ACTION 
Response to Amendment 
This office action is in response to amendment filed on 02/22/05. Applicant amended 
Claims 1,14, 27, 35, and 48, The amendment filed on 02/22/05 have been entered and made of 
record. Therefore, presently pending claims are 1-60. 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1-60 are rejected under 35 U. S. C. 103 (a) as being unpatentable over Bellwood 
in view of the article by Network World . 

In reference to claims 7, 14, 35, and 48, Bellwood discloses a system and method for 
participating in a secure communication between a client and a set of servers by establishing a 
first secure session between the client and the proxy and then a second session, using the second 
session the cUent request the connection to the server (abstract). The method disclosed by 
Bellwood comprises receiving a request from the client system for a secure connection between 
the cHent system and the proxy system (column 5 lines 30-3 1); estabhshing a secure connection 
between the cHent and proxy systems (column 5 hnes 32-52); receiving a request from the cUent 
system for a secure end-to-end connection with the server system (column 6 lines 10-11); and 
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forwarding the client system request for a secure end-to-end connection to the server system 
(column 6 lines 11-15). 

Although the server discloses decrypting, encrypting, and modifying the communications 
between the server and the client (column 6 lines 1-9 and lines 1 1-30) and the secure end-to-end 
connection is encapsulated within the insecure client-proxy connection, i.e. tunneling (column 5 
lines 54-65), Bellwood does not expressly disclose downgrading the secure connection between 
the client system and the proxy system to be insecure after the secure end-to-end connection is 
estabUshed. 

The article by Network world discloses a proxy system that can switch of the encryption. 
Therefore the proxy server does not encrypt or decrypt any data sent between the client and the 
server (Text). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to switch of the secure connection that is no longer required as in the article by 
Network in the system disclosed by Bellwood. One of ordinary skill in the art would have been 
motivated to do this because the client may then use the grater computational power of the proxy 
to communicate with the server and thus reduce the price of producing the client devices. 

In reference to claim 27 Bellwood discloses a system and method for participating in a 
secure communication between a client and a set of servers by establishing a fu*st secure session 
between the client and the proxy and then a second session, using the second session the client 
request the connection to the server (abstract). Bellwood discloses a system and method that 
comprises negotiating a secure connection between the client and proxy systems; negotiating a 
secure end-to-end connection between the cUent and the server system using the secure client- 
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proxy connection (column 5 lines 40-65); and altering the secure client-proxy connection so that 
it is no longer secure (column 7 line 64 and column 8 line 6). 

Although Bellwood discloses tunneling and therefore encapsulating the cUent-server 
communication within client proxy communication (column 5 lines 40-65), Bellwood does not 
expressly disclose a secure end-to-end connection within the insecure chent-proxy connection. 

The article by Network world discloses a proxy system that can switch of the encryption. 
Therefore the proxy server does not encrypt or decrypt any data sent between the client and the 
server (Text). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to switch of the secure connection that is no longer required as in the article by 
Network in the system disclosed by Bellwood. One of ordinary skill in the art would have been 
motivated to do this because the cUent may then use the grater computational power of the proxy 
to communicate with the server and thus reduce the price of producing the client devices. 

In reference to claims 2, 75, 25, 35, and, 49, further comprising the acts of issuing an 
authenticate challenge to the client system; and receiving, over the secure client-proxy collection, 
proper authentication credentials from the client system (Fig. 4 session I and message 6). 

In reference to claims 3, 16, 37, and, 49, wherein the authenticate challenge issued to the 
cUent system is one of a basic and a digest authenticate challenge (column 5 lines 15-29). 

In reference to claims 4, 17, 30, and 39, wherein at least one of the secure client-proxy 
connection and the secure end-to-end connection is certificate based (Fig. 4). 
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In reference to claims 5, 18, 31,40, and 53, wherein at least one of the secure client-proxy 
connection and the secure end-to-end connection is one of a secure sockets layer and a transport 
layer security connection (column 3 lines 50-67). 

In reference to claims 6, 19, 29, 38, and 51, further comprising the act of sending a 
certificate to the cUent system, wherein the certificate may be used to verify the identity of the 
proxy system (column 5 lines 40-52), 

In reference to claims 7, 20, 41, 52, and 54, further comprising the act of receiving 
proper authentication credentials from the client system, wherein the proper authentication 
credentials received from the client system are certificate based. 

In reference to claims 8, 21, 42, and, 55, further comprising the act of transferring data 
between the cUent system and the server system through the secure end-to-end connection 
(column 5 lines 58-65). 

In reference to claims 9, 22, 32, 43, and 56, wherein downgrading the secure connection 
between the client system and the proxy system to be insecure comprises the act of setting the 
cipher set for the connection to be a null cipher, Stallings discloses the messaging wherein the 
amount of encryption is down graded which performs the function of the connection being a null 
cipher (page 144). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to downgrade the security between the proxy and chent of Bellwood as in the 
system disclosed by Stallings. One of ordinary skill in the art would have been motivated to do 
this because the client may then use the grater computational power of the proxy to communicate 
with the server and thus reduce the price of producing the client devices. 
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In reference to claims 10, 23, 33, 44, and 57, wherein the request for a secure end-to-end 
connection comprises a hypertext transfer protocol connect request (column 6 lines 10-1 1). 

In reference to claims 11, 24, 45, and 58, wherein the server system comprises one of a 
reverse proxy server system and a forward proxy system (Fig. 4). 

In reference to claims 12, 25, 46, and 59, wherein at least one connection is over the 
Internet (Fig. 2). 

In reference to claims 13, 26, 34, 47, and 60, wherein the server system comprises a 
cascaded proxy system, the server system allowing Secure connections, insecure connections, or 
both secure and insecure connections, with one or more other server systems (Fig. 4). 

Conclusion 

Applicant amended Claims 1,14, 27, 35, and 48. Applicant's amendment necessitated 
the new ground(s) of rejection presented in this Office action: Accordingly, THIS ACTION IS 
MADE FINAL. See MPEP § •706.07(a). Apphcant is reminded of the extension of time policy 
as set forth in 37 CFR 1, 136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 . 1 36(a) will be calculated fi'om the mailing date of the advisory action. In no event. 
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however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Paula W. KUmach whose telephone number is (571) 272-3854. 
The examiner can normally be reached on Mon to Thr 9:30 a.m to 5:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessfiil, the examiner's 
supervisor, Kim Vu can be reached on (571) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 




PWK 

Monday, June 13, 2005 



